Skip to main content

Pleasanter

7 CVEs product

Monthly

CVE-2024-21584 MEDIUM This Month

Pleasanter 1.3.49.0 and earlier contains a cross-site scripting vulnerability. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Pleasanter
NVD
CVSS 3.1
6.1
EPSS
0.4%
CVE-2023-46688 MEDIUM This Month

Open redirect vulnerability in Pleasanter 1.3.47.0 and earlier allows a remote unauthenticated attacker to redirect users to arbitrary web sites via a specially crafted URL. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Open Redirect Pleasanter
NVD
CVSS 3.1
6.1
EPSS
0.5%
CVE-2023-45210 MEDIUM This Month

Pleasanter 1.3.47.0 and earlier contains an improper access control vulnerability, which may allow a remote authenticated attacker to view the temporary files uploaded by other users who are not. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Pleasanter
NVD
CVSS 3.1
4.3
EPSS
0.5%
CVE-2023-34439 MEDIUM This Month

Pleasanter 1.3.47.0 and earlier contains a stored cross-site scripting vulnerability. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Pleasanter
NVD
CVSS 3.1
5.4
EPSS
0.4%
CVE-2023-32608 MEDIUM This Month

Directory traversal vulnerability in Pleasanter (Community Edition and Enterprise Edition) 1.3.39.2 and earlier versions allows a remote authenticated attacker to alter an arbitrary file on the. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Path Traversal Pleasanter
NVD
CVSS 3.1
6.5
EPSS
1.2%
CVE-2023-32607 MEDIUM This Month

Stored cross-site scripting vulnerability in Pleasanter (Community Edition and Enterprise Edition) 1.3.39.2 and earlier versions allows a remote authenticated attacker to inject an arbitrary script. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Pleasanter
NVD
CVSS 3.1
5.4
EPSS
0.5%
CVE-2023-30758 MEDIUM POC PATCH This Month

Cross-site scripting vulnerability in Pleasanter 1.3.38.1 and earlier allows a remote authenticated attacker to inject an arbitrary script. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

XSS Pleasanter
NVD GitHub
CVSS 3.1
5.4
EPSS
0.7%
EPSS 0% CVSS 6.1
MEDIUM This Month

Pleasanter 1.3.49.0 and earlier contains a cross-site scripting vulnerability. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Pleasanter
NVD
EPSS 1% CVSS 6.1
MEDIUM This Month

Open redirect vulnerability in Pleasanter 1.3.47.0 and earlier allows a remote unauthenticated attacker to redirect users to arbitrary web sites via a specially crafted URL. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Open Redirect Pleasanter
NVD
EPSS 1% CVSS 4.3
MEDIUM This Month

Pleasanter 1.3.47.0 and earlier contains an improper access control vulnerability, which may allow a remote authenticated attacker to view the temporary files uploaded by other users who are not. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Pleasanter
NVD
EPSS 0% CVSS 5.4
MEDIUM This Month

Pleasanter 1.3.47.0 and earlier contains a stored cross-site scripting vulnerability. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Pleasanter
NVD
EPSS 1% CVSS 6.5
MEDIUM This Month

Directory traversal vulnerability in Pleasanter (Community Edition and Enterprise Edition) 1.3.39.2 and earlier versions allows a remote authenticated attacker to alter an arbitrary file on the. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Path Traversal Pleasanter
NVD
EPSS 1% CVSS 5.4
MEDIUM This Month

Stored cross-site scripting vulnerability in Pleasanter (Community Edition and Enterprise Edition) 1.3.39.2 and earlier versions allows a remote authenticated attacker to inject an arbitrary script. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Pleasanter
NVD
EPSS 1% CVSS 5.4
MEDIUM POC PATCH This Month

Cross-site scripting vulnerability in Pleasanter 1.3.38.1 and earlier allows a remote authenticated attacker to inject an arbitrary script. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

XSS Pleasanter
NVD GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy